Former AOL E-mail Users Report Spam Spewing From Zombie Accounts

Did you sneer at the mysterious AOL breach that has compromised some customers’ information because you don’t use AOL e-mail anymore? Yeah, about that. Some former AOL users have reported that messages went out under their former IDs. Are spammers forging messages from defunct addresses, or have these AOL accounts gone zombie?

Normally, when we talk about zombie accounts, we mean financial or utility accounts that have been explicitly closed and are reactivated again, creating unexpected disasters for the account’s owner. In this case, though, the zombie accounts aren’t really dead…the users had just abandoned them for so long that they probably assume that the accounts had been cleared out of the system.

CNN spoke to one ex-AOL user who heard from co-workers and former students that her long-dormant account was sending out messages. She found that the messages had been forged, and weren’t being sent from her account, but they were going out to people she had e-mailed in the past, and did bear her return address.

If you still have access to your account, AOL asks that you change the password. Whether you’re a customer or not, report any suspicious messages that claim to originate from AOL to AOL_phish@abuse.aol.com.

Reports on this are spotty, so we’re calling on our readers: if you notice any messages from someone who you know hasn’t used AOL in years, or if your contacts complain of receiving e-mail from your long-abandoned account, please let us know.

If this incident has taught us anything, it’s that it’s a really, really good idea to shut down accounts that you don’t intend to use again, if possible.